travisgoodspeed / md380tools

Python tools and patched firmware for the TYT-MD380

Question regarding rc4 key space? #900

Closed cepope13 closed 5 years ago

cepope13 commented 5 years ago

The message below was in a previous thread that's been closed. I'm just curious if anyone knows what the 110x reduction in key space refers to? Is this some generic vulnerability of RC4? Thanks.

"The issue is the way the keystream is generated.

I've tried a few things between an md380 and an XPR 6550 regarding EP/BP compatibility and it is not perfect, but you could make out some of the conversation.

As someone said BP is a joke, but so is 40 bit EP. No one is going to try key after key by hand. BP can be had instantly already (there exists a receiver) and most EP systems are set up by non-professionals and a hypothetical attacker could thus recover a key in seconds to a couple hours due to the common 110x reduction in key space.

Not looking to hack either. It would be great if RC4 could be dropped in a 380 too with front panel key entry (known key) or cps.

I just try to advise people that neither form of voice privacy (BP and 40 bit EP) is secure.

I can run test vectors on BP and RC4 if needed. Not to hack, but to work on getting these two modes working in an MD380.

I don't know if moto would be happy about this though. ARC4 is open, but moto BP is Motorola exclusive and if they have any trade secrets, patents, etc., I'm avoiding it.

Then we could have full interop with other moto radios in privacy mode.

If everything is legal of course.

Originally posted by @cryptonomicon in https://github.com/travisgoodspeed/md380tools/issues/50#issuecomment-249721961"

travisgoodspeed commented 5 years ago

I wish you all the best in this, but please discuss it someplace that doesn't automatically ping my cellphone. This is an issue tracker, not a discussion forum.